<?php
    include_once '../connection/databaseHandler.php';
    include_once '../connection/sessionHandler.php';
    $database = new DatabaseHandler();
    $session = new SessionHandler();

    //Mendapatkan semua informasi yang telah divalidasi di client-side
    $wall_role = $_POST['wall_role'];
    $oldpassword = md5($_POST['oldpassword']); //masukanuser
    $password = md5($_POST['password']);
    $username = $session->username;
    
    $querypassword = "SELECT  password FROM $database->t_user
                     WHERE
                    username='$username' ";
    $result_pass = $database->execQuery($querypassword);
    $datauserrole=mysql_fetch_array($result_pass);
    $passuser = $datauserrole['password']; //hasil query

    if ($oldpassword==$passuser)
    {
        $query = "UPDATE  $database->t_user
                SET
                    wall_role='$wall_role',
                    password='$password'
                WHERE
                    username='$username' ";
        if ($database->execQuery($query)) {
            header("location:../profile.php");
        }
        else {
            header("location:../setting.php");
            die();
        }
    }
    else
    {
        header("location:../setting.php");
        die();
    }
?>
